Indian Air Force issues strict orders to tackle hacking

New Delhi: Every officer of the Indian Air Force (IAF) will now have to sign a declaration that they will not save or view any official document on personal computers. Failure to adhere to this directive will lead to a court marshal and prosecution.

The recent directive from the IAF headquarters to all its formations across the country comes after repeated leaks of sensitive documents - some of which are of operational and sensitive in nature - from personal computers of officers and men.

In a recent case, operational documents were found on the personal computer of a young pilot posted at an airbase in Tamil Nadu. A court of inquiry has been initiated.

In another incident this July, it was found that classified data regarding Indian Naval operations were transmitted to IP addresses in China. Later, inquiries revealed that a few naval officers had, against the rules, taken copies of the plans in pen drives from a naval computer, to study. The Chinese-made pen drives allegedly had malwares which transmitted the data back to IP addresses in China once they were used on computers connected to the internet.

Earlier last year, a major with the Indian Army posted in the crucial Andaman and Nicobar Command was investigated by the Intelligence Bureau (IB) and the National Investigative Agency (NIA) when classified Army plans and other sensitive operational data stored in his personal computer reached Pakistan's Inter-Services Intelligence Agency (ISI). The inquiry revealed that the Major was preparing for a course, and had taken copies of presentations and plans in his personal computer, which was subsequently hacked by malware originating from Pakistan.

In almost every case of cyber leak, subsequent inquiries have revealed that officers wanting to study the documents at leisure copied the data from the official systems into their personal computers, and the data later found its way into the cyberspace.

Over the years, cyberspace has emerged as a critical frontier for espionage as the use of computers and dependence on the internet has grown. Thus, document security has emerged as one of critical areas of concern for the government. It is perhaps alluding to these increasing instances of the cyberspace being used by foreign agencies to collect critical information. Prime Minister Manmohan Singh, while addressing top cops of the country at the annual security conference hosted by the Intelligence Bureau earlier this month, said, "Our country's vulnerability to cybercrime is escalating... Large-scale computer attacks on our critical infrastructure and economy can have potentially devastating results. The government is working on a robust cyber security structure."

The Indian armed forces are considering a joint cyber command to deal with document security and hackers, many of whom are funded and used by foreign governments searching for sensitive and strategic information. The Indian Navy has come up with an exclusive Information Technology brigade to be deployed on warships and various sensitive establishments on shore to manage and secure the network and data.

As a general rule, computers in which sensitive information are stored or prepared are never connected to the internet. "The IAF internal communication network, for instance, is not only a stand-alone network with no connection to the net, but also has the system configured in such a way that it doesn't allow external storage devices like pen drives or CDs," a senior MoD official told NDTV. Nonetheless, some officers have been found "keeping copies or preparing documents using critical information in their personal computers, which have subsequently passed out by malwares in the system or hacked," the officer added.